Static task
static1
Behavioral task
behavioral1
Sample
64fa5a2a2531f1a5be61db5173a09b24_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
64fa5a2a2531f1a5be61db5173a09b24_JaffaCakes118.exe
Resource
win10v2004-20240709-en
General
Target
64fa5a2a2531f1a5be61db5173a09b24_JaffaCakes118
Size
182KB
MD5
64fa5a2a2531f1a5be61db5173a09b24
SHA1
d7da516235cccfbb855e85a89864f068a32ee2a3
SHA256
7a62905a129c6960512dde5803f627c88d4bb4ba441b412d2a016001e493e9d8
SHA512
5947cb2ae3be9bcc2875cbbfdfda1799cc7e71bc2faf819b7f7199a47356e463c871c22e5c0e02c22c972bd3987c7d1204b96f970384c03f4b36691260fd4a58
SSDEEP
3072:Z3OS0sKCAMTIiTiTL4v7kv3IQBjF3bZWLpFttze//gPV1NZnq2ho9H:Z3z/KUWu7SYQn0LpFti/gPLNxqYo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 64fa5a2a2531f1a5be61db5173a09b24_JaffaCakes118
Files
64fa5a2a2531f1a5be61db5173a09b24_JaffaCakes118.exe windows:4 windows x86 arch:x86
58c51af2507337fc096bd7bce2cb29b9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapFree
HeapAlloc
GetSystemTimeAsFileTime
SetLastError
QueryPerformanceCounter
TlsAlloc
GetCurrentProcessId
HeapReAlloc
EnumSystemLanguageGroupsW
HeapDestroy
HeapCreate
VirtualFree
VirtualQuery
GetWriteWatch
IsBadWritePtr
VirtualAlloc
TlsFree
user32
GetWindow
LoadStringA
SetWindowTextA
DestroyIcon
GetDlgItem
LoadImageA
CreateWindowExA
GetParent
ole32
CoTaskMemFree
ProgIDFromCLSID
StringFromCLSID
oleacc
CreateStdAccessibleObject
AccessibleChildren
msimg32
AlphaBlend
TransparentBlt
winmm
mciSendCommandA
sndPlaySoundA
Sections
.text Size: 69KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 145KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 110KB - Virtual size: 109KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ